14 DAY TRIAL // Security vendor Dr. Web has recently published a research to reveal that more than 40 Android phones manufactured by companies based in China ship with pre-installed malware bundled into the firmware and which would facilitate data leaks to malicious actors.
In a statement addressing the claims, the Chinese company explains that this was nothing that a “false virus alert,” adding that it contacted the security firm prior to the release of the research and discovered that the said malware was in fact “APK code intended for advertisements.”
“Soon after that, LEAGOO software team updated LEAGOO OS and solved virus alert issues in an urgent manner. So far, we did not receive any complaint or critics regarding personal or bank info leakages due to the so called ‘virus alert,’” the company explains in a press statement (embedded below).
Leagoo says it has since updated it software to no longer include the said code and it emphasizes that all phones are scanned for malware before leaving the factory. The company recommends users who might be getting these so-called false virus alert to update the operating system to the latest version that includes an updated algorithm.
Android.Triada.231
Furthermore, the Chinese brand warns that it plans to sue all media outlets that cited the analysis from Dr. Web and ignored the fact that the company solved the problem already.
“What is even more outrageous is that the ‘virus alert’ from the original data was exaggerated into ‘bank virus software,’ which led to extremely bad influence on LEAGOO reputation. For such false reports, legal actions will be taken by LEAGOO against relevant media and publishers,” it says.
Dr. Web said it tracked down a Trojan part of the Android.Triada family to a software developer from Shanghai that is a Leagoo partner and which provided the firm “with one of its applications to be included into an image of the mobile operating system, as well as an instruction to add third-party code into the system libraries before their compilation.”
The security firm goes on to add that despite this unusual request, “it did not evoke any suspicions from the manufacturer” and Android.Triada.231 eventually reached devices “without any obstacles.”